Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
newcastle-planning [2016/04/11 23:30] – created alexhaydocknewcastle-planning [2022/05/08 11:42] (current) – external edit 127.0.0.1
Line 1: Line 1:
 ===== Newcastle-upon-Tyne, United Kingdom (Planning Page) ===== ===== Newcastle-upon-Tyne, United Kingdom (Planning Page) =====
  
-====Past Events====+Poster and some visuals currently hosted on Flickr at [[https://www.flickr.com/photos/137781729@N08/albums/72157667234594126]]. 
 + 
 +====Groups Contacted==== 
 +Which groups have we already contacted with our call for volunteers? 
 + 
 +Record alpahbetically who you've emailed so we don't hit the same group more than once: 
 + 
 +  * aktivix-discuss 
 +  * cryptoparty GBR list 
 +  * dfs3 
 +  * durham linux user group 
 +  * hacktionlab 
 +  * ORG North East 
 +  * owasp newcastle uk chapter 
 +  * star and shadow volunteers 
 + 
 + 
 +==== Past Events ==== 
 === 2016-03-07, Planning Meeting === === 2016-03-07, Planning Meeting ===
  
Line 8: Line 26:
 //Where//: the former Crèche room on level 2, [[https://www.newcastle.gov.uk/leisure-libraries-and-tourism/libraries/branch-libraries-and-opening-hours/city-library|Newcastle City Library]] (Charles Avison building), Newbridge Street [[http://osm.org/go/evym3eX_E--?m=|[map]]] //Where//: the former Crèche room on level 2, [[https://www.newcastle.gov.uk/leisure-libraries-and-tourism/libraries/branch-libraries-and-opening-hours/city-library|Newcastle City Library]] (Charles Avison building), Newbridge Street [[http://osm.org/go/evym3eX_E--?m=|[map]]]
  
-//When: //  6PM, Thursday March 17th 2016. Please be prompt as we need to finish before the library closes.+//When: // 6PM, Thursday March 17th 2016. Please be prompt as we need to finish before the library closes.
  
 //Agenda:// //Agenda://
  
-  - Introductions+   - Introductions
   - An overview of the cryptoparty idea and what we are trying to achieve   - An overview of the cryptoparty idea and what we are trying to achieve
   - Take stock of our resources - people, spaces, other   - Take stock of our resources - people, spaces, other
Line 21: Line 39:
   - Summary & close.   - Summary & close.
  
-====Potential Current / Future Party Topics====+==== Potential Current / Future Party Topics ==== 
 === Security Topics === === Security Topics ===
  
Line 27: Line 46:
 |Two Factor Authentication |Google/Facebook etc. (with mention of why you might want to completely avoid goo / fb) |  | |Two Factor Authentication |Google/Facebook etc. (with mention of why you might want to completely avoid goo / fb) |  |
 |HTTPS Everywhere / Ad-Blocking Browser Extensions |[[http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/|http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/]] |  | |HTTPS Everywhere / Ad-Blocking Browser Extensions |[[http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/|http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/]] |  |
-|Full Disk Encryption |How? Is there a good audited **Windows** solution? - TrueCrypt 7.1a has the privilege escalation vulnerabilities (CVE-2015-7358,7359) and the forks (VeraCrypt etc.) haven't received as much scrutiny from the security community as may be desired. \\   \\ **Linux **- use dmcrypt / LUKS, easily done as part of installation however beware the Evil Maid attack, e.g. keep your boot partition on a USB key. For removable media, use cryptsetup from the command line, or gnome-disk-utility  |  |+|Full Disk Encryption |How? Is there a good audited **Windows** solution? - TrueCrypt 7.1a has the privilege escalation vulnerabilities (CVE-2015-7358,CVE-2015-7359) and the forks (VeraCrypt etc.) haven't received as much scrutiny from the security community as may be desired. \\   \\ **Linux **- use dmcrypt / LUKS, easily done as part of installation however beware the Evil Maid attack, e.g. keep your boot partition on a USB key. For removable media, use cryptsetup from the command line, or gnome-disk-utility  |  |
 |NoScript |Advanced! - but will probably at least need touching if we're going to be covering the Tor Browser Bundle. |  | |NoScript |Advanced! - but will probably at least need touching if we're going to be covering the Tor Browser Bundle. |  |
  
Line 42: Line 61:
 ^Topic ^Notes ^Person | ^Topic ^Notes ^Person |
 |PGP |Encrypting and signing email. |  | |PGP |Encrypting and signing email. |  |
-|[[https://whispersystems.org/|Signal]] |Focusing on mobile application (Android/iOS)Desktop client is sadly still in early development. |  |+|[[https://whispersystems.org/|Signal]]  |OpenWhisperSystems' Signal will be focused on at the party, but LibreSignal may be mentioned for users who are already using third-party app repositories and have already enabled running third-party APKs on their phones(It's not appropriate to recommend this to everyone, since they'd probably also need to know how to set up a gradle build environment on the basis that LibreSignal isn't available in F-Droid and will need to be built from source) |  |
 |[[https://ricochet.im/|Ricochet]] |Most secure - No metadata analysis possible, but IM only. |  | |[[https://ricochet.im/|Ricochet]] |Most secure - No metadata analysis possible, but IM only. |  |
 |[[https://jitsi.org|Jitsi]] |Probably the most effective "drop-in Skype replacement" at the moment but I'd want to be careful not to mislead anyone into thinking that metadata analysis wasn't possible with this - it is, due to its use of centralised XMPP services. |  | |[[https://jitsi.org|Jitsi]] |Probably the most effective "drop-in Skype replacement" at the moment but I'd want to be careful not to mislead anyone into thinking that metadata analysis wasn't possible with this - it is, due to its use of centralised XMPP services. |  |
 |XMPP+OTR |This has been popular at CryptoParties for a while, but the additional security offered by Ricochet means it is effectively deprecated. Can be covered if people think it is particularly a good idea. |  | |XMPP+OTR |This has been popular at CryptoParties for a while, but the additional security offered by Ricochet means it is effectively deprecated. Can be covered if people think it is particularly a good idea. |  |
 +
 +Regarding the various different instant messengers, there's an accessible and up-to-date blog post here: https://blog.grobox.de/2016/briar-next-step-of-the-crypto-messenger-evolution/
  
 === Miscellaneous === === Miscellaneous ===
Line 65: Line 86:
  
 \\ \\
 +